Prevent OOB error for T2T read/writes
Bug: 112161557
Test: Tag reading, HCE
Merged-In: If170e107b172a590b53f916b12865a1839a25667
Change-Id: If170e107b172a590b53f916b12865a1839a25667
(cherry picked from commit 4bdf4d782d679b6f1c59609203171c51b72164be)
diff --git a/src/nfc/tags/rw_t2t_ndef.cc b/src/nfc/tags/rw_t2t_ndef.cc
index e8902a9..03d205e 100644
--- a/src/nfc/tags/rw_t2t_ndef.cc
+++ b/src/nfc/tags/rw_t2t_ndef.cc
@@ -26,6 +26,7 @@
#include <android-base/stringprintf.h>
#include <base/logging.h>
+#include <log/log.h>
#include "nfc_target.h"
@@ -615,6 +616,10 @@
/* Extract lockbytes info addressed by this Lock TLV */
xx = 0;
+ if (count > RW_T2T_MAX_LOCK_BYTES) {
+ count = RW_T2T_MAX_LOCK_BYTES;
+ android_errorWriteLog(0x534e4554, "112161557");
+ }
while (xx < count) {
p_t2t->lockbyte[p_t2t->num_lockbytes].tlv_index =
p_t2t->num_lock_tlvs;